<?php

include "dbconnect.php";
include "functions.php";
include "header.php";
check_rights(USER);
 
?>

<html>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<head>
<title>Kasutajate andmebaas</title>
</head>

<body bgcolor=AliceBlue text=DarkGoldenRod link=DarkSlateGray></body>


<form action=<?php echo $_SERVER['SCRIPT_NAME']; ?> method=post>

<table border=1>

<tr><td colspan="6"><h1>Kasutajate registreerimise vorm</h1></td></tr>


<tr>
    <td colspan="2"><h4>Vajalikud asjad</h4><br/>* on kohustuslik</td><td colspan="2"><h4>Info enda kohta</h4></td><td colspan="2"></tr>

</tr>
<tr>
  <td>Kasutajanimi*</td>
  <td><input type=text name=username value=<?php echo $_GET['username'] ?>></td>
  <td>Sündisin</td>
  <td><input type=text name=birth value=<?php echo $_GET['birth'] ?>></td>
</tr>
<tr>
  <td>Salasõna*</td>
  <td><input type=password name=password value=<?php echo $_GET['password'] ?>></td>
  <td>Telefon</td>
  <td><input type=text name=phone value=<?php echo $_GET['phone'] ?>></td>
  </tr>
<tr>
  <td>Õigused:</td>
  <td> Kasutaja = 2, Mode = 3, Admin = 4 </td>
  <td>Asukoht</td>
  <td><input type=text name=location value=<?php echo $_GET['location'] ?>></td>
</tr>
  
  
  </tr>
<tr>
  <td>Õigused:*</td>
  <td>
  <select name=level>
  <option></option>
  <option>2</option>
  <option>3</option>
  <option>4</option>
  </select>
  </td>
  <td> Asukoha koordinaat N</td>
  <td><input type=text name=location_coord_N value=<?php echo $_GET['location_coord_N'] ?>></td>
  
</tr>

<tr>
  <td>Eesnimi</td>
  <td><input type=text name=firstname value=<?php echo $_GET['firstname'] ?>></td>
  <td> Asukoha koordinaat E</td>
  <td><input type=text name=location_coord_E value=<?php echo $_GET['location_coord_E'] ?>></td>
  
</tr>
<tr>
  <td>Perenimi</td>
  <td><input type=text name=name value=<?php echo $_GET['name'] ?>></td>
  <td>Skype</td>
  <td><input type=text name=skype value=<?php echo $_GET['skype'] ?>></td>
  
</tr>
<tr>
  <td>E-mail:</td>
  <td><input type=text name=email value=<?php echo $_GET['email'] ?>></td>
  <td>MSN</td>
  <td><input type=text name=msn value=<?php echo $_GET['msn'] ?>></td>
</tr>
<tr>
  <td>Keel</td>
  <td><select name=lang>
  <option></option>
  <option value="EST">Eesti</option>
  <option value="ENG">Inglise</option>
  <option value="ESPER">Väljamõeldud</option>
  </select>
  </td>
  <td>Facebook</td>
  <td><input type=text name=facebook value=<?php echo $_GET['facebook'] ?>></td>
</tr>
<tr>
<td>Soovin teateid</td>
  <td><input type=checkbox name=newsletter checked="checked"></td>
  <td>Muu kontakt</td>
  <td><input type=text name=other_communication value=<?php echo $_GET['other_communication'] ?>></td>
</tr>
<tr>
<td><b>EI OLE AKTIIVNE</b></td>
  <td><input type=checkbox name=inactiv></td>
    <td><b>Minu pilt</b></td>
  <td><input type=test name=picture value=<?php echo $_GET['picture'] ?>></td>


</tr>
<tr>
<td><b>KUSTUTATUD</b></td>
  <td><input type=checkbox name=deleted></td>
</tr>
<td><b>Minust</b></td>

  <td><textarea name=comment cols=25 rows=7>Siia toksi enda tutvustus</textarea></td>
</tr>
</table>
<input type=submit name=useraddbutton value=Sisesta>
<input type=reset value="Algseis tagasi">
</form>
</html>
<?php
    
    
  //print_r($_POST);
  //echo $_POST['username'];
  
  #let's make strings secure
  foreach($_POST as $key => $val)
  {
    $_POST[$key] = str_secure($_POST[$key]);
  }
  $query = "SELECT * FROM logimine ";
  $result = @mysql_query($query);
  $row = mysql_fetch_assoc($result);
  
  if($_POST['useraddbutton'] == "Sisesta" AND $_POST['username'] == $row['username'])
  {
  echo "Kasutajanimi on juba käigus. Vali uus","<p>";
  echo $_POST['username'], "<p>", $row['username'], "<p>";
  
  }
  elseif($_POST['nupp'] == "Sisesta" AND $_POST['insert_username'] == "")
  {
  echo "Kasutajanimi on puudu. Vali uus","<p>";
  echo $_POST['username'], "<p>", $row['username'],"<p>";
  
  }
  elseif ( $_SESSION['login_user']['time'] != $_SESSION['login_user']['time'] )
  {
  echo "See nimi on juba olemas";
  
  }
  else
  {
    #DB query
    $querylisamine = "INSERT INTO logimine SET
    username='".$_POST['username']."',
    password=PASSWORD('".$_POST['password']."'),
    level='".$_POST['level']."',
    firstname='".$_POST['firstname']."',
    name='".$_POST['name']."',
    email='".$_POST['email']."',
    lang='".$_POST['lang']."',
    newsletter='".$_POST['newsletter']."',
    inactiv='".$_POST['inactiv']."',
    deleted='".$_POST['deleted']."',
    myself='".$_POST['myself']."',
    birth='".$_POST['birth']."',
    phone='".$_POST['phone']."',
    location='".$_POST['location']."',
    location_coord_N='".$_POST['location_coord_N']."',
    location_coord_E='".$_POST['location_coord_E']."',
    skype='".$_POST['skype']."',
    msn='".$_POST['msn']."',
    facebook='".$_POST['facebook']."',
    other_communication='".$_POST['other_communication']."',
    picture='".$_POST['picture']."',
    add_date=NOW(),
    add_person='".$_SESSION['login_user']['username']."'
    ";
    
    //echo $query;
    
    mysql_query($querylisamine) OR
    die("Ebaõnnestus: " . mysql_error());
    $_SESSION['login_user']['time'] ++; 
    $_POST['username'] = "";
    echo  $_SESSION['login_user']['time'] ; 
  }

//echo "<a href=".$_SERVER['SCRIPT_NAME']."?username=uugu&password=porgand&name=Uugu-Lehmaste>Automaatselt täida väljad</a>";
//print_r($_GET);

echo "<p>",$_POST['insert_username'];
echo "<p>","1", "<p>";
include "header.php";
include "footer.php";
?>